Table of Contents for
Drupal 8 Development Cookbook - Second Edition

Version ebook / Retour

Cover image for bash Cookbook, 2nd Edition Drupal 8 Development Cookbook - Second Edition by Matt Glaman Published by Packt Publishing, 2017
  1. Drupal 8 Development Cookbook
  2. Title Page
  3. Second Edition
  4. Copyright
  5. Drupal 8 Development Cookbook
  6. Second Edition
  7. Credits
  8. About the Author
  9. About the Reviewer
  10. www.PacktPub.com
  11. Why subscribe?
  12. Customer Feedback
  13. Table of Contents
  14. Preface
  15. What this book covers
  16. What you need for this book
  17. Who this book is for
  18. Sections
  19. Getting ready
  20. How to do it…
  21. How it works…
  22. There's more…
  23. See also
  24. Conventions
  25. Reader feedback
  26. Customer support
  27. Downloading the example code
  28. Errata
  29. Piracy
  30. Questions
  31. Up and Running with Drupal 8
  32. Introduction
  33. Installing Drupal
  34. Getting ready
  35. How to do it...
  36. How it works...
  37. There's more...
  38. Creating a database user and a database
  39. Database prefixes
  40. Downloading and installing with Drush
  41. Using Composer to create a Drupal site
  42. Security updates
  43. See also
  44. Using a distribution with Drupal
  45. How to do it...
  46. How it works...
  47. There's more...
  48. Makefiles
  49. Installing with Drush
  50. Using Composer
  51. See also...
  52. Installing modules and themes
  53. Getting ready
  54. How to do it...
  55. How it works...
  56. Discovering modules and themes
  57. Module installation
  58. Theme installation
  59. There's more...
  60. Installing a module or theme using Composer
  61. Installing a module with Drush
  62. Uninstalling a module
  63. See also
  64. Using multisites in Drupal 8
  65. Getting ready
  66. How to do it...
  67. How it works...
  68. There's more...
  69. Security concerns
  70. Domain aliases
  71. See also...
  72. Tools for setting up an environment
  73. Getting ready
  74. How to do it...
  75. How it works...
  76. There's more...
  77. Acquia Dev Desktop
  78. XAMPP + Bitnami
  79. Kalabox
  80. See also
  81. Running tests - Simpletest and PHPUnit
  82. Getting ready
  83. How to do it...
  84. How it works...
  85. There's more...
  86. Is run-tests a shell script?
  87. Running tests without Drupal installed
  88. Running specific tests
  89. PhpStorm - Drupal Test Runner
  90. DrupalCI
  91. See also...
  92. The Content Authoring Experience
  93. Introduction
  94. Configuring the WYSIWYG editor
  95. Getting ready
  96. How to do it...
  97. How it works...
  98. There's more...
  99. Filter module
  100. Improved links
  101. CKEditor plugins
  102. See also
  103. Adding and editing content
  104. Getting ready
  105. How to do it...
  106. How it works...
  107. There's more...
  108. Save as draft
  109. Pathauto
  110. Bulk moderation
  111. See also
  112. Creating a menu and linking content
  113. Getting ready
  114. How to do it...
  115. How it works...
  116. There's more...
  117. Managing a contents menu link from its form
  118. Providing inline editing
  119. How to do it...
  120. How it works...
  121. There's more...
  122. The outside-in approach
  123. Creating a custom content type
  124. How to do it...
  125. How it works...
  126. Applying new Drupal 8 core field types
  127. Getting ready
  128. How to do it...
  129. Link
  130. The Email field
  131. The Telephone field
  132. The Date field
  133. The Entity Reference field
  134. How it works...
  135. There's more...
  136. Upcoming updates
  137. Views and Entity Reference
  138. See also
  139. Customizing the form display of a node
  140. How to do it...
  141. How it works...
  142. There's more...
  143. Managing form display modes
  144. Programmatically providing a default to hidden form items
  145. See also
  146. Customizing the display output of a node
  147. How to do it...
  148. How it works...
  149. Displaying Content through Views
  150. Introduction
  151. Listing content
  152. Getting ready
  153. How to do it...
  154. How it works...
  155. There's more...
  156. Views in Drupal core initiative
  157. Views and displays
  158. Format style plugins - style and row
  159. Using the Embed display
  160. See also
  161. Editing the default admin interfaces
  162. How to do it...
  163. How it works...
  164. There's more...
  165. Exposed versus non-exposed
  166. Filter identifiers
  167. Overriding routes with Views
  168. Creating a block from a View
  169. Getting ready
  170. How to do it...
  171. How it works...
  172. There's more...
  173. Exposed forms as blocks
  174. See also
  175. Utilizing dynamic arguments
  176. How to do it...
  177. How it works...
  178. There's more...
  179. Previewing with contextual filters
  180. Displaying as a tab on the user page
  181. Altering the page title
  182. Validation
  183. Multiple and exclusion
  184. Adding a relationship in a View
  185. How to do it...
  186. How it works...
  187. There's more...
  188. Relationships provided by entity reference fields
  189. Relationships provided through custom code
  190. Using aggregation and views.
  191. Providing an Entity Reference result View
  192. How to do it...
  193. How it works...
  194. See also
  195. Extending Drupal
  196. Introduction
  197. Creating a module
  198. How to do it...
  199. How it works...
  200. There's more...
  201. Module namespaces
  202. Module discovery locations
  203. Defining a package group
  204. Module dependencies
  205. Specifying the module's version
  206. See also...
  207. Defining a custom page
  208. Getting ready
  209. How to do it...
  210. How it works...
  211. There's more...
  212. Parameters in routes
  213. Validating parameters in routes
  214. Route requirements
  215. Providing dynamic routes
  216. Altering existing routes
  217. See also
  218. Defining permissions
  219. Getting ready
  220. How to do it...
  221. How it works...
  222. There's more...
  223. Restrict access flag for permissions
  224. Defining permissions programmatically
  225. Checking whether a user has permissions
  226. Providing the configuration on the installation or update
  227. Getting ready
  228. How to do it...
  229. How it works...
  230. There's more...
  231. Configuration subdirectories
  232. Modifying the existing configuration on installation
  233. See also
  234. Creating an event subscriber
  235. How to do it...
  236. How it works...
  237. There's more...
  238. Using dependency injection
  239. See also
  240. Using Features 3.0
  241. How to do it...
  242. How it works...
  243. There's more...
  244. Suggested feature modules
  245. Features bundles
  246. Managing the configuration state of Features
  247. See also
  248. Frontend for the Win
  249. Introduction
  250. Creating a custom theme based on Classy
  251. How to do it...
  252. How it works...
  253. There's more...
  254. Theme screenshots
  255. Themes, logos, and favicons
  256. Base themes and shared resources
  257. CKEditor style sheets
  258. See also
  259. Using the new asset management system
  260. Getting ready
  261. How to do it...
  262. How it works...
  263. There's more...
  264. CSS groups
  265. Library asset options
  266. Library dependencies
  267. Overriding and extending other libraries
  268. Using a CDN or external resource as a library
  269. Manipulating libraries from hooks
  270. Placing JavaScript in the header
  271. See also
  272. Twig templating
  273. Getting ready
  274. How to do it...
  275. How it works...
  276. There's more...
  277. Security first
  278. Theme hook suggestions
  279. Debugging template file selection and hook suggestions
  280. The Twig logic and operators
  281. See also
  282. Using the Breakpoint module
  283. Getting ready
  284. How to do it...
  285. How it works...
  286. There's more...
  287. Caveat for providing breakpoints from themes
  288. Accessing breakpoints programmatically
  289. Multipliers
  290. See also
  291. Using the Responsive Image module
  292. Getting ready
  293. How to do it...
  294. How it works...
  295. There's more...
  296. Performance first delivery
  297. Removing picturefill polyfill
  298. See also
  299. Creating Forms with the Form API
  300. Introduction
  301. Creating a form
  302. Getting ready
  303. How to do it...
  304. How it works...
  305. There's more...
  306. Form element definitions
  307. The form state
  308. The form cache
  309. See also
  310. Using new HTML5 elements
  311. Getting ready
  312. How to do it...
  313. How it works...
  314. There's more...
  315. Specific element properties
  316. Creating new elements
  317. See also
  318. Validating form data
  319. Getting ready
  320. How to do it...
  321. How it works...
  322. There's more...
  323. Multiple validation handlers
  324. Accessing multidimensional array values
  325. Element validation methods
  326. Processing submitted form data
  327. Getting ready
  328. How to do it...
  329. How it works...
  330. There's more...
  331. Multiple submit handlers
  332. See also
  333. Altering other forms
  334. Getting ready
  335. How to do it...
  336. How it works...
  337. There's more...
  338. Adding additional validate handlers
  339. Adding additional submit handlers
  340. Plug and Play with Plugins
  341. Introduction
  342. Creating blocks using plugins
  343. Getting ready
  344. How to do it...
  345. How it works...
  346. There's more...
  347. Altering blocks
  348. Block settings forms
  349. Defining access to a block
  350. See also
  351. Creating a custom field type
  352. Getting ready
  353. How to do it...
  354. How it works...
  355. There's more...
  356. Altering field types
  357. Defining whether a field is empty
  358. See also
  359. Creating a custom field widget
  360. Getting ready
  361. How to do it...
  362. How it works...
  363. There's more...
  364. Field widget settings and summary
  365. See also
  366. Creating a custom field formatter
  367. Getting ready
  368. How to do it...
  369. How it works...
  370. There's more...
  371. Formatter settings and summary
  372. See also
  373. Creating a custom plugin type
  374. Getting ready
  375. How to do it...
  376. How it works...
  377. There's more...
  378. Specifying an alter hook
  379. Using a cache backend
  380. Accessing plugins through the manager
  381. See also
  382. Multilingual and Internationalization
  383. Introduction
  384. Translating administrative interfaces
  385. Getting ready
  386. How to do it...
  387. How it works...
  388. There's more...
  389. Manually installing language files
  390. Checking translation status
  391. Exporting translations
  392. Interface translation permissions
  393. Using interface translation to customize default English strings
  394. Interface text language detection
  395. Providing translations for a custom module
  396. See also
  397. Translating configuration
  398. Getting ready
  399. How to do it...
  400. How it works...
  401. There's more...
  402. Altering configuration translation info definitions
  403. Translating views
  404. See also
  405. Translating content
  406. Getting ready
  407. How to do it...
  408. How it works
  409. There's more...
  410. Flagging translations as outdated
  411. Translating content links
  412. Defining translation handlers for entities
  413. See also
  414. Creating multilingual views
  415. Getting ready
  416. How to do it...
  417. How it works...
  418. There's more...
  419. Translating exposed form items and filters
  420. Translating display and row format items
  421. Translating page display menu items
  422. See also
  423. Configuration Management - Deploying in Drupal 8
  424. Introduction
  425. Importing and exporting configurations
  426. Getting ready
  427. How to do it...
  428. How it works...
  429. There's more...
  430. Configuration dependencies
  431. Saving to a YAML file for a module's configuration installation
  432. Configuration schemas
  433. See also
  434. Synchronizing site configurations
  435. Getting ready
  436. How to do it...
  437. How it works...
  438. There's more...
  439. Universally Unique Identifier
  440. A synchronization folder
  441. Installing a configuration from a new site
  442. Using command-line workflow processes
  443. Getting ready...
  444. How to do it...
  445. How it works...
  446. There's more...
  447. Drush config-pull
  448. Using the Drupal Console
  449. Editing the configuration from the command line
  450. Exporting a single configuration item
  451. Using version control and command-line workflow
  452. See also
  453. Updating and installing new module configurations
  454. How to do it...
  455. How it works...
  456. There's more...
  457. The Configuration Development module
  458. See also
  459. The Entity API
  460. Introduction
  461. Creating a configuration entity type
  462. Getting ready
  463. How to do it...
  464. How it works...
  465. There's more...
  466. Available data types for schema definitions
  467. See also
  468. Creating a content entity type
  469. Getting ready
  470. How to do it...
  471. How it works...
  472. There's more...
  473. Using the AdminHtmlRouteProvider provider
  474. Making the collection route a local task tab
  475. See also
  476. Creating a bundle for a content entity type
  477. Getting ready
  478. How to do it...
  479. How it works...
  480. There's more...
  481. Provide action links for adding new bundles
  482. See also
  483. Implementing custom access control for an entity
  484. Getting ready
  485. How to do it...
  486. How it works...
  487. There's more...
  488. Controlling access to entity fields
  489. See also
  490. Providing a custom storage handler
  491. Getting ready
  492. How to do it...
  493. How it works...
  494. There's more...
  495. Utilizing a different storage backend for an entity
  496. See also
  497. Creating a route provider
  498. Getting ready
  499. How to do it...
  500. How it works...
  501. There's more...
  502. The Entity API module provides additional providers
  503. See also
  504. Off the Drupalicon Island
  505. Introduction
  506. Implementing and using a third-party JavaScript library
  507. Getting ready
  508. How to do it...
  509. How it works...
  510. There's more...
  511. Best practices for handling external libraries
  512. See also
  513. Implementing and using a third-party CSS library
  514. Getting ready
  515. How to do it...
  516. How it works...
  517. See also
  518. Implementing and using a third-party PHP library
  519. Getting ready
  520. How to do it...
  521. How it works...
  522. See also
  523. Web Services
  524. Introduction
  525. Enabling RESTful interfaces
  526. Getting ready
  527. How to do it...
  528. How it works...
  529. There's more...
  530. Using _format instead of the Accept header
  531. RestResource plugin to expose data through RESTful Web Services
  532. Rate limiting your API
  533. Using the HAL format
  534. See also
  535. Using POST to create data
  536. Getting ready
  537. How to do it...
  538. How it works...
  539. There's more...
  540. Using HAL and understanding _links requirements
  541. Working with images
  542. Using Cross-Site Request Forgery tokens
  543. See also
  544. Using PATCH to update data
  545. Getting ready
  546. How to do it...
  547. How it works…
  548. Using Views to provide custom data sources
  549. How to do it…
  550. How it works
  551. There's more...
  552. Controlling the key name in JSON output
  553. Controlling access to RESTful Views
  554. Authentication
  555. Getting ready
  556. How to do it
  557. How it works
  558. There's more…
  559. Authentication provider services
  560. Page cache request policies and authenticated Web service requests
  561. The IP Authentication provider
  562. See also
  563. Using JSON API
  564. Getting ready
  565. How to do it
  566. How it works...
  567. There's more...
  568. Paginating, filtering, and sorting requests
  569. Installing the JSON API Extras module
  570. Changing the API path prefix
  571. Disabling and enhancing returned entity fields
  572. Contenta CMS
  573. See also
  574. The Drupal CLI
  575. Introduction
  576. Rebuilding cache in Drupal Console or Drush
  577. How to do it…
  578. How it works…
  579. See also
  580. Using Drush to interact with the database
  581. Getting ready
  582. How to do it...
  583. How it works...
  584. There's more…
  585. Using gzip with sql-dump
  586. Using Console to interact with the database
  587. Using Drush to manage users
  588. How to do it…
  589. How it works…
  590. There's more…
  591. Advanced user-login use cases
  592. Using Drupal Console
  593. Scaffolding code through Console
  594. Getting ready
  595. How to do it…
  596. How it works…
  597. Making a Drush command
  598. Getting ready
  599. How to do it…
  600. How it works…
  601. There's more…
  602. Specifying the level of Drupal's bootstrap
  603. See also
  604. Making a Console command
  605. Getting ready
  606. How to do it…
  607. How it works…
  608. There's more…
  609. Using a Console command to create entities
  610. See also

Controlling access to entity fields

The checkFieldAccess method in the core's entity access control handler can be overridden to control access to specific entity fields when modifying an entity. Without being overridden by a child class, the \Drupal\Core\Entity\EntityAccessControlHandler::checkFieldAccess will always return an allowed access result. The method receives the following parameters:

  • The view and edit operations
  • The current field's definition
  • The user session to check access against
  • A possible list of field item values

Entity types can implement their own access control handlers and override this method to provide granular control over the modification of their base fields. A good example would be the User module and its \Drupal\user\UserAccessControlHandler.

User entities have a pass field that is used for the user's current password. There is also a created field that records when the user was added to the site.

For the pass field, it returns denied if the operation is view, but allows access if the operation is edit:

case 'pass': 
  // Allow editing the password, but not viewing it. 
  return ($operation == 'edit') ? AccessResult::allowed() : AccessResult::forbidden();

The created field uses the opposite logic. When a user logs in, the site can be viewed but cannot be edited:

case 'created': 
  // Allow viewing the created date, but not editing it. 
  return ($operation == 'view') ? AccessResult::allowed() : AccessResult::forbidden();